On 04/05/2016 18:28, Reiner Herrmann wrote: >> https://github.com/netblue30/firejail/issues/494
> I also assume that you ran into this libselinux1 regression. > Can you please recheck with libselinux1 2.5-1 (when it lands in testing) > and tell me if it solved your problem? > > Kind regards, > Reiner > Hi Reiner, I certainly will. BTW, the workaround detailed on the github site seems to work, namely adding this switch to the commandline: --seccomp.drop=umount2,ptrace,kexec_load,kexec_file_load,open_by_handle_at,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,chroot,tuxcall,reboot,nfsservctl,get_kernel_syms Cheers, -- Guy
signature.asc
Description: OpenPGP digital signature
